As I reported earlier this month on PogoWasRight.org, Uber settled privacy and data security charges levied by the Federal Trade Commission. Laura Jehl of BakerHostetler recaps the controversy:
Uber, the ride-hailing giant, agreed this week to implement a comprehensive privacy program and to undergo 20 years of privacy and data security audits in order to settle allegations by the Federal Trade Commission (FTC) that Uber did not keep its promises to protect customer data. The FTC had alleged two separate failures by Uber: first, misrepresenting the extent to which it monitored its employees’ access to personal information about users and drivers, and second, misrepresenting that it deployed reasonable measures to secure personal information it stored on a third-party cloud provider’s servers. This week’s settlement made clear the FTC’s view that being an early-phase company is no excuse for weak data protection measures or misleading statements regarding consumer data privacy.
Read more on BakerHostetler Data Privacy Monitor.